What does the "secure hash algorithm" option specified in the Advanced tab of the ADFS relying party trust properties actually affect?

Is it a security problem that SHA1 is one of the options? If not, why not?

Screenshot: ADFS relying party properties

This blog from MS describes as follows:

The relying party trust in ADFS must be configured with the correct secure hash algorithm. Most SAML applications will support SHA-1 while most WS-Fed applications will support SHA-256. Go to the properties of the relying party application in ADFS and then advanced tab and pick the correct hash algorithm from the drop-down:

Our app uses SAML, but our customers often query the use of SHA1 when I ask them to use the setting as suggested by most ADFS documentation.

Andrew M

1 Answer

Microsoft has already announced that they wouldn't be accepting SHA1 certificates after the year 2016.

So it's recommended that you use SHA2. However, there is a possibility that some applications don't support SHA2. In this case, you can contact the application vendor for a new version that supports SHA2. Otherwise, you have to select SHA1 here for these applications.

In case your Certification Authority's hashing algorithm is SHA1, you need to measure and plan to migrate to SHA2.

You will still need to inventory your existing certificates and replace the SHA1 certificates.
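An added example, not part of the question or the answer above, of the inventory step the answer recommends: it lists every ADFS relying party trust together with the signature algorithm that the "secure hash algorithm" drop-down sets (the ADFS PowerShell module exposes it as the SignatureAlgorithm property, holding the rsa-sha1 or rsa-sha256 XML-DSig URI) and prints the remediation command for trusts still on SHA-1. It assumes it runs on an ADFS server with the ADFS module available.

```powershell
# Added example (not from the original question or answer): inventory ADFS
# relying party trusts by token signature algorithm and flag SHA-1 trusts.
# Assumes an ADFS server with the ADFS PowerShell module and admin rights.
Import-Module ADFS

# XML-DSig algorithm URIs behind the SHA-1 / SHA-256 drop-down entries.
$Sha1   = 'http://www.w3.org/2000/09/xmldsig#rsa-sha1'
$Sha256 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'

function Get-RelyingPartySignatureInventory {
    # One object per relying party trust with a readable algorithm label.
    Get-AdfsRelyingPartyTrust | ForEach-Object {
        $rp = $_
        $label = switch ($rp.SignatureAlgorithm) {
            $Sha1   { 'SHA-1' }
            $Sha256 { 'SHA-256' }
            default { $rp.SignatureAlgorithm }   # anything else, shown raw
        }
        [PSCustomObject]@{
            Name       = $rp.Name
            Identifier = ($rp.Identifier -join ', ')
            Algorithm  = $label
            Enabled    = $rp.Enabled
        }
    }
}

function Get-Sha1RelyingParties {
    # Only the trusts whose issued tokens are still signed with RSA-SHA1.
    Get-RelyingPartySignatureInventory | Where-Object { $_.Algorithm -eq 'SHA-1' }
}

$inventory = Get-RelyingPartySignatureInventory
$inventory | Format-Table Name, Algorithm, Enabled -AutoSize

# For each SHA-1 trust, print the change to apply once the application
# vendor has confirmed that the application verifies SHA-256 signatures.
foreach ($rp in Get-Sha1RelyingParties) {
    Write-Host "SHA-1 still configured for '$($rp.Name)' ($($rp.Identifier))."
    Write-Host "  Set-AdfsRelyingPartyTrust -TargetName '$($rp.Name)' -SignatureAlgorithm '$Sha256'"
}
```

The script only reports; the printed Set-AdfsRelyingPartyTrust line is the per-trust change to run after the application has been confirmed to accept SHA-256-signed tokens.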